Basic service authentication and registration

For the Basic Authentication method the OpenAIRE AAI server generates a pair of Client ID and Client Secret for your service upon its registration. The service uses the client id and client secret to obtain the access token for the OpenAIRE APIs. The OpenAIRE AAI server checks whether the client id and client secret sent is valid.

How to register your service

To register your service you need to:

  1. Login to OpenAIRE. In case you are not already a member you will need to register first.
  2. Go to your Registered Services page and click the New Service button.
  3. Provide the "Νame" (mandatory) of your service.
  4. Select the Basic "Security level".
  5. Click the Add New Service button.

Once your service is created, the Client ID and Client Secret will appear on your screen. Click "OK" and your new service will be appear in the list of your Registered Services page.

How to make a request

Step 1. Request for an access token

To make an access token request use the Client ID and Client Secret of your service. 

                        
                              curl -u {CLIENT_ID}:{CLIENT_SECRET} \
                              -X POST 'https://aai.openaire.eu/oidc/token' \
                              -d 'grant_type=client_credentials'

where {CLIENT_ID} and {CLIENT_SECRET} are the Client ID and Client Secret assigned to your service upon registration.

The response is: 

                              
                                    {
                                       "access_token": ...,
                                       "token_type": "Bearer",
                                       "expires_in": ...
                                   }

Store the access token confidentially on the service side.

Step 2. Make a request

To access the OpenAIRE APIs send the access token returned in Step 1.

                        
                              GET https://api-test.openaire.eu/{resourceServicePath}
                              Authorization: Bearer {ACCESS_TOKEN}

Error messages

401 - Missing username or/and password

                     
                           {
                              "error": "unauthorized",
                              "error_description": "Client id must not be empty!"
                          }

401 - Wrong username or/and password

                     
                           {
                              "error": "unauthorized",
                              "error_description": "Bad credentials"
                          }

400 - Missing grant type

                     
                           {
                              "error": "invalid_request",
                              "error_description": "Missing grant type"
                          }

400 - Wrong grant type

                     
                           {
                              "error": "unsupported_grant_type",
                              "error_description": "Unsupported grant type: ..."
                          }
   Unless otherwise indicated, all materials created by OpenAIRE are licenced under CC ATTRIBUTION 4.0 INTERNATIONAL LICENSE.